I have solaris11 running in a kvm virtual machine,network works fine.
I can configure it with dhcp or static.
Of course packet forward in kvm machine is enabled
The solaris11 machine can ping external network.
I have setup a solaris10 zone inside the vm
the solaris 10 zone use exclusive ip and physical net is vnic0
I use those commands
Now zlogin...
The interface is here
I can configure ip..
On solaris11 routeadm say ipforward is enabled
and even ipadm say enabled
what is the problem?
The solaris zone can ping ONLY the solaris11 host..not the internal network(192.168.0.0/24) not internet!
What I miss?
Solution found..vnic doesn't work good with this configuration.
So I use a virtual e1000,assigned to solaris10 zone
And works fine.
If someone need,this is the procedure to make the vm works with the zones
a)Install solaris11.4 on kvm(works..but only with intel cpu),install with TWO network e1000 cards,one is for your normal network,the other will be assigned to zone
So..
we use
net0 as network for "home"
net1 dedicated to solaris10 zone of solaris11 vm
in this guide I call solaris10 with hostname..solaris10
I use term "physical" for solaris10 but can be also a vm..
b)Configure network
c)Create the solaris10 zone,you must have a working physical or virtualmachine solaris10
1)On solaris10 physical host collect those info's
2) On solaris10 physical
3 )
d)Now network on solaris 10 ZONE
e)Now start solaris10 zone...
If you cannot see the network card follow this guide
On solaris10 zone
Easy and nice!
------ Post updated at 12:53 PM ------
Quote:
Originally Posted by hicksd8
We had a very similar question asked recently when various of us tried to help.
May I suggest that you read ALL this thread first. The OP seemed to find his own solution by amending the zone configuration to specify a router ip.
If none of this works for you please do post back here.
Thanks for answer,already solved.
The bad thing was the vnic..I don't know why on vm is isolated..is also impossible to ping a vnic configured from outside,probably using NAT works..
Last edited by Linusolaradm1; 11-20-2018 at 01:50 PM..
In global zone, a network interface (VNIC) is created on L2 (MAC layer), with unique MAC address.
That is created/assigned to a zone, during zone install/creation or can be done manually as you did in first example.
When using exclusive IP stack, global zone does nothing on IP layer (L3).
So you do not need or require those forwarding options on global zone, or anything really outside vnic definition for zone.
As for your original problem, i presume KVM virtual switch discards everything not coming from assigned interface MAC from options for solaris 11 guest.
For a lab enviroment you can probably a tcpdump or snoop on kvm hypervisor interface and global zone guest, then see if network works in non global zone when dumps are running.
RHEL 7.0, IPV6
Scenario:
I have routed specific network using network scripts.
1. "ip -6 route show" shows that route has been added. ( with metric 1024)
2. Ping of the specific IP through that route is successful.
3. Now after few days, for some reason, we see that cache route appears for... (3 Replies)
Hi all. Linux noob here.
I was hoping someone could help me with configuring some routing rules on my router, an Asus AC68.
The router is connected to two gateways, wan0_gateway and wan1_gateway.
I have rules set up in the router gui that will push all traffic from every IP other than my own... (0 Replies)
Exercise:
Protection of WEB and DNS servers using the context-free rules for packet filtering:
- Protect your WEB-server, so that would be for him can be accessed by browsers, and could go to dns.
- Protect your primary DNS-server so that it could be to contact clients and secondary servers.... (1 Reply)
Hi,
I am involved in a project on Debian. One of my requirement is to route an IP packet in my application to a proxy server and receive the reply from the proxy server as an IP packet. My application handles data at the IP frame level. My application creates an IP packet(with all the necessary... (0 Replies)